﻿/*文件注释
 * ===============================================================================
 * 说明：
 * 作者：曾永佑
 * 版本：V1.0
 * 创建日期：2013-02-28
 * 完成日期： 
 * 修改纪录：  
 * ===============================================================================
 */  
        
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace SRF.Security
{
    /// <summary>
    /// 权限认证
    /// 每次有访问请求时对要访问的url进行权限验证
    /// </summary>
    public class AuthorizeModule : System.Web.IHttpModule
    {
        public void Init(System.Web.HttpApplication context)
        {
            context.AcquireRequestState += new EventHandler(context_AcquireRequestState);
        }

        public void Dispose()
        {

        }

        void context_AcquireRequestState(object sender, EventArgs e)
        { 
            //检验是否请求的url是否允许访问
            if (!SecurityContext.HasUrlGrant())
            {
                System.Web.HttpApplication httpApplication = (System.Web.HttpApplication)sender;
                httpApplication.Context.Response.StatusCode = 401;
                httpApplication.Context.Response.End();
            }
        }
    }
}